wiredmikey writes: Targeted attacks against Tibetan and Uyghur activists are nothing new, but attackers appear to be expanding their arsenal of attack tools to the Android platform. While attacks against the activists in the past have targeted both Windows and Mac OS X-based platforms, researchers from Kaspersky Lab have discovered an APT that successfully leverages Android to compromise targets.

According to Kaspersky researchers, a high profile Tibetan activist had his email account hacked on March 24th, 2013. Attackers used the hacked account to send spear phishing emails to the victim’s contact list that included a malicious Android Package (APK) attachment named “WUC’s Conference.apk”, which if installed, creates a malicious app called ‘Conference’ on the Android desktop.

If the victim launches the malicious app, the malware silently contacts a C&C server and starts to harvest data including includes contacts, call logs. SMS messages, geolocation and other phone data such as phone number, OS version, phone model, and SDK version.

While there have been previous indications that these types of attacks were in development, this attack is perhaps the first in a new wave of targeted attacks aimed at Android users, Kaspersky noted in a blog post. “So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”